Enhanced dockerMan Security

plugins/dynamix.docker.manager/include/CreateDocker.php

@@ -344,7 +344,7 @@ button[type=button]{margin:0 20px 0 0}
   function makeConfig(opts) {
     confNum += 1;
     var newConfig = $("#templateDisplayConfig").html();
-    newConfig = newConfig.format(opts.Name,
+    newConfig = newConfig.format(stripTags(opts.Name),
                                  opts.Target,
                                  opts.Default,
                                  opts.Mode,
@@ -380,7 +380,10 @@ button[type=button]{margin:0 20px 0 0}
     }
     return newConfig.prop('outerHTML');
   }
-
+  function stripTags(string) {
+    return string.replace(/(<([^>]+)>)/ig,"");
+  }
+	
   function escapeQuote(string) {
     return string.replace(new RegExp('"','g'),"&quot;");
   }

plugins/dynamix.docker.manager/include/Helpers.php

@@ -245,7 +245,7 @@ function xmlSecurity(&$template) {
         $tempElement = htmlspecialchars_decode($element);
         $tempElement = str_replace("[","<",$tempElement);
         $tempElement = str_replace("]",">",$tempElement);
-        if (preg_match('#<script(.*?)>(.*?)</script>#is',$tempElement) || preg_match('#<iframe(.*?)>(.*?)</iframe>#is',$tempElement)) {
+        if (preg_match('#<script(.*?)>(.*?)</script>#is',$tempElement) || preg_match('#<iframe(.*?)>(.*?)</iframe>#is',$tempElement) || (stripos($tempElement,"<link") !== false) ) {
           $element = "REMOVED";
         }
       }